--- title: PingAccess 7.2.1 (April 2023) description: New PA-15174 component: pingaccess version: 7.3 page_id: pingaccess:release_notes:pa_v73_721_rn canonical_url: https://docs.pingidentity.com/pingaccess/7.3/release_notes/pa_v73_721_rn.html revdate: May 8, 2024 section_ids: added-rhel-9-support-topingaccess: Added RHEL 9 support to PingAccess added-ui-controls-for-risk-policy-configuration: Added UI controls for risk policy configuration pingone-risk-policy-integration-maps-user-agent-header-manually: PingOne risk policy integration maps user-agent header manually redirect-and-templated-authentication-challenges-now-set-pingaccess-cookies: Redirect and templated authentication challenges now set PingAccess cookies improved-vague-error-response-message-when-pingone-credential-is-blank-or-null: Improved vague error response message when PingOne Credential is blank or null adjusted-agent-token-cache-ttls-to-reflect-risk-policy-evaluation-intervals: Adjusted agent token cache TTLs to reflect risk policy evaluation intervals fixed-default-removal-of-active-session-state-cookies-from-requests: Fixed default removal of active session state cookies from requests --- # PingAccess 7.2.1 (April 2023) ## Added RHEL 9 support to PingAccess New PA-15174 Added support for RHEL 9 to version 7.2 of PingAccess, and the most recent versions of the PingAccess agent for NGINX and the PingAccess agent for Apache (RHEL). For more information, see the following topics: * [Installation system requirements](../installing_and_uninstalling_pingaccess/pa_system_requirements.html) * [Apache RHEL system requirements](../agents_and_integrations/pa_agent_for_apache_rhel_system_reqs.html) * [NGINX system requirements](../agents_and_integrations/pa_nginx_system_reqs.html) ## Added UI controls for risk policy configuration New PA-15152 Added two new pages in the administrative console, **PingOne Connections** and **Risk Policies**, as well as new configuration options on the **Application** and **Application Resource** tabs. These UI controls simplify the process of setting up a [PingOne Protect integration](../agents_and_integrations/pa_p1risk_policy_eval_integration.html) for web applications. For more information, see the following topics: * For more information on how to establish a connection between PingOne Protect and PingAccess, see [PingOne connections](../pingaccess_user_interface_reference_guide/pa_p1_connection_overview.html). * For more information on how to create a risk policy, see [Risk policies](../pingaccess_user_interface_reference_guide/pa_risk_policies_overview.html). * For more information on how to assign a risk policy to a specific application or application resource, see the **Application Type** table entry in [Application field descriptions](../pingaccess_user_interface_reference_guide/pa_application_field_descriptions.html) or step 11 of [Adding application resources](../pingaccess_user_interface_reference_guide/pa_adding_application_resources.html). ## PingOne risk policy integration maps user-agent header manually Fixed PA-15153 PingAccess wasn't sending the `browser.userAgent` parameter to PingOne Protect because PingAccess doesn't currently support device profiling (which would normally collect this parameter). In the absence of device profiling, PingAccess now attempts to map this parameter manually and send it to PingOne Protect. ## Redirect and templated authentication challenges now set PingAccess cookies Fixed PA-15154 PingAccess now proactively sets web session cookies for **Redirect** and **Templated** authentication challenges when you select the **[Append Redirect Parameters](../pingaccess_user_interface_reference_guide/pa_acr_generator_descriptions.html)** check box on one of those two challenge generators. Adding web session cookies helps the frontend application to interpret redirect or templated challenge responses and begin the appropriate authentication procedure. ## Improved vague error response message when PingOne Credential is blank or null Fixed PA-15165 The response message PingAccess returns for errors generated when an administrator adds or updates a PingOne connection has been improved to specify that the credential must not be null, empty, or blank. ## Adjusted agent token cache TTLs to reflect risk policy evaluation intervals Fixed PA-15166 Corrected an issue with token cache time to lives (TTLs) on agent applications that use the [PingOne Protect integration](../agents_and_integrations/pa_p1risk_policy_eval_integration.html). The agent token cache TTLs no longer prioritize an application's [web session](../pingaccess_user_interface_reference_guide/pa_creating_web_sessions.html) **Idle Timeout** over the **Risk Check Interval** or **Authentication Validity Period** defined in the application's [risk policy](../pingaccess_user_interface_reference_guide/pa_risk_policies_overview.html). ## Fixed default removal of active session state cookies from requests Fixed PA-15167 Corrected an issue where PingAccess would remove active session state cookies from requests by default. If a component relies on the session state cookie, its absence can cause unexpected behavior, so PingAccess now removes session state cookies conditionally.